opentelemetry-java-instrumentation

Commit Graph

Author	SHA1	Message	Date
Lauri Tulmin	2f0819ae20	Improve compatibility with SecurityManager (#7983 ) This pr gives classes defined in agent and extension class loaders all permissions. Injected helper classes are also defined with all permissions. Agent startup is altered so that we won't call methods that require permission before we are able to get those permissions. This pr does not attempt to address issues where agent code could allow user code to circumvent security manager e.g. https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/javaagent-bootstrap/src/main/java/io/opentelemetry/javaagent/bootstrap/InstrumentationHolder.java gives access to `Instrumentation` that could be used to redefine classes and remove security checks. Also this pr does not address failed permission checks that could arise from user code calling agent code. When user code, that does not have privileges, calls agent code, that has the privileges, and agent code performs a sensitive operation then permission check would fail because it is performed for all calling classes, including the user classes. To fix this agent code should uses `AccessController.doPrivileged` which basically means that, hey I have done all the checks, run this call with my privileges and ignore the privileges of my callers.	2023-04-05 15:41:37 +03:00
Lauri Tulmin	c76345a973	Always set parent of agent class loader to bootstrap class loader (#5169 ) * Always set parent of agent class loader to bootstrap class loader * remove parent class loader argument	2022-01-18 19:36:28 -08:00
Lauri Tulmin	0f3d0cb05b	Generate our own sun.misc.Unsafe if it is not available (#4124 ) * Generate our own sun.misc.Unsafe if it is not available * skip generating invokeCleaner method * grpc isn't shaded so setting system property doesn't affect only our bundled copy * generate invokeCleaner when it is present in internal unsafe	2021-09-22 20:18:20 -07:00

Author

SHA1

Message

Date

Lauri Tulmin

2f0819ae20

Improve compatibility with SecurityManager (#7983 )

This pr gives classes defined in agent and extension class loaders all
permissions. Injected helper classes are also defined with all
permissions. Agent startup is altered so that we won't call methods that
require permission before we are able to get those permissions.
This pr does not attempt to address issues where agent code could allow
user code to circumvent security manager e.g.
https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/javaagent-bootstrap/src/main/java/io/opentelemetry/javaagent/bootstrap/InstrumentationHolder.java
gives access to `Instrumentation` that could be used to redefine classes
and remove security checks. Also this pr does not address failed
permission checks that could arise from user code calling agent code.
When user code, that does not have privileges, calls agent code, that
has the privileges, and agent code performs a sensitive operation then
permission check would fail because it is performed for all calling
classes, including the user classes. To fix this agent code should uses
`AccessController.doPrivileged` which basically means that, hey I have
done all the checks, run this call with my privileges and ignore the
privileges of my callers.

2023-04-05 15:41:37 +03:00

Lauri Tulmin

c76345a973

Always set parent of agent class loader to bootstrap class loader (#5169 )

* Always set parent of agent class loader to bootstrap class loader

* remove parent class loader argument

2022-01-18 19:36:28 -08:00

Lauri Tulmin

0f3d0cb05b

Generate our own sun.misc.Unsafe if it is not available (#4124 )

* Generate our own sun.misc.Unsafe if it is not available

* skip generating invokeCleaner method

* grpc isn't shaded so setting system property doesn't affect only our bundled copy

* generate invokeCleaner when it is present in internal unsafe

2021-09-22 20:18:20 -07:00

3 Commits